Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 19-08-2017 Gestart door Maria Rita (Beheerder) op MARIARITABOYART (19-08-2017 18:40:59) Gestart vanaf C:\Users\Maria Rita\Desktop Geladen Profielen: Maria Rita (Beschikbare Profielen: Maria Rita) Platform: Windows 8.1 (Update) (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: IE) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Lenovo.) C:\Windows\System32\LPlatSvc.exe (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\nav.exe (Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (AMD) C:\Windows\System32\atieclxx.exe (Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\nav.exe (Lenovo.) C:\Windows\System32\TpShocks.exe () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe () C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe Kon geen toegng krijgen tot proces -> iexplore.exe Kon geen toegng krijgen tot proces -> iexplore.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\cammute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe (Lenovo.) C:\Windows\System32\LPlatSvc.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [382248 2013-02-13] (Lenovo.) HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated) HKLM\...\Run: [LMCSSTART1] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses HKLM\...\Run: [LMCSSTART2] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart HKLM\...\Run: [LMCSSTART3] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [341448 2014-11-07] (Lenovo Group Limited) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.) HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-12-14] (Lenovo) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-08-12] (CyberLink Corp.) HKLM-x32\...\Run: [PowerDVD17Agent] => C:\Program Files (x86)\CyberLink\PowerDVD17\PowerDVD17Agent.exe [527400 2017-03-17] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) HKU\S-1-5-21-838929920-3368600397-1854171334-1002\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom) HKU\S-1-5-21-838929920-3368600397-1854171334-1002\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] () HKU\S-1-5-21-838929920-3368600397-1854171334-1002\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-12-14] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-04-12] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== AANDACHT (Restrictie - ProxySettings) Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4 Tcpip\..\Interfaces\{B74803A0-6F85-4685-8638-CC849C856929}: [DhcpNameServer] 195.130.131.4 195.130.130.4 Tcpip\..\Interfaces\{D95035D0-9A76-4957-A2AC-43DC24913807}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NAV&pvid=22.5.2.15 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NAV&pvid=22.5.2.15 HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NAV&pvid=22.5.2.15 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-838929920-3368600397-1854171334-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-838929920-3368600397-1854171334-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/?gws_rd=ssl HKU\S-1-5-21-838929920-3368600397-1854171334-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt SearchScopes: HKU\S-1-5-21-838929920-3368600397-1854171334-1002 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=BE&ver=22.10.0.85&locale=nl_BE&guid=BDE47828-1D2F-451C-82D6-1E4FAC4D08C3&doi=2015-07-05&gct=kwd&qsrc=2869 SearchScopes: HKU\S-1-5-21-838929920-3368600397-1854171334-1002 -> {7EE4EE32-C17C-495D-87F6-86E26D5EF09A} URL = SearchScopes: HKU\S-1-5-21-838929920-3368600397-1854171334-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=BE&ver=22.10.0.85&locale=nl_BE&guid=BDE47828-1D2F-451C-82D6-1E4FAC4D08C3&doi=2015-07-05&gct=kwd&qsrc=2869 BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-04] (Oracle Corporation) BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-08-31] (AuthenTec Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-04] (Oracle Corporation) BHO: Geen Naam -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Geen bestand BHO-x32: Positive Finds -> {30c85a3d-1d96-4589-b63f-91fb7ef45a41} -> C:\Program Files (x86)\Positive Finds\Extensions\30c85a3d-1d96-4589-b63f-91fb7ef45a41.dll => Geen bestand BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-09] (pdfforge GmbH) BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL => Geen bestand BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-08-31] (AuthenTec Inc.) BHO-x32: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-09] (pdfforge GmbH) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) Toolbar: HKU\S-1-5-21-838929920-3368600397-1854171334-1002 -> Geen Naam - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - Geen bestand Toolbar: HKU\S-1-5-21-838929920-3368600397-1854171334-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) FireFox: ======== FF ProfilePath: C:\Users\Maria Rita\AppData\Roaming\TomTom\HOME\Profiles\nwg5zbsl.default [2016-07-13] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-07-13] [ niet getekend] FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.0.124\coFFAddon FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.0.124\coFFAddon [2017-07-22] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-04-06] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.0.124\coFFAddon FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-04] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2012-08-31] (AuthenTec, Inc) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2015-05-27] (Nitro PDF) FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNPR -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-06-17] (Nitro PDF) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-838929920-3368600397-1854171334-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-03-25] (Intel) FF Plugin HKU\S-1-5-21-838929920-3368600397-1854171334-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-03-25] (Intel) Chrome: ======= CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-22] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-22] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iokmdlapebooifaijckgcmncjdpojmjl] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2012-08-03] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Bestand niet getekend] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.) R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation) S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959192 2013-02-27] (Broadcom Corporation.) R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-12-14] (Lenovo) R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo) R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-06] (LENOVO INCORPORATED.) R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited) R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-06] (LENOVO INCORPORATED.) R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited) R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo) R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] () R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-04-22] (Lenovo.) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2016-01-08] (Lenovo) R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.10.0.85\NAV.exe [326144 2017-07-15] (Symantec Corporation) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-27] (Nitro PDF Software) R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-17] (Nitro PDF Software) R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-27] () R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-09] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-09] (pdfforge GmbH) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] R2 SMService; C:\program files (x86)\iobit\Classic Start\SMService.exe [1077536 2017-01-16] (IObit) R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [217824 2013-03-21] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [6835784 2013-12-14] (Broadcom Corporation) R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\BASHDefs\20170816.003\BHDrvx64.sys [1862816 2017-06-28] (Symantec Corporation) R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.) R1 ccSet_NAV; C:\WINDOWS\system32\drivers\NAVx64\160A000.055\ccSetx64.sys [187520 2017-07-14] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-06-29] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158336 2017-06-29] (Symantec Corporation) R0 Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [66288 2013-12-14] (Windows (R) Win 7 DDK provider) R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.0.124\Definitions\IPSDefs\20170818.001\IDSvia64.sys [1056920 2017-08-01] (Symantec Corporation) R3 LnvHIDHW; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo) R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288480 2012-12-13] (Realtek Semiconductor Corp.) R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [28912 2013-03-18] (Synaptics Incorporated) R1 SRTSP; C:\WINDOWS\System32\Drivers\NAVx64\160A000.055\SRTSP64.SYS [810136 2017-07-14] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\NAVx64\160A000.055\SRTSPX64.SYS [49304 2017-07-14] (Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NAVx64\160A000.055\SYMEFASI64.SYS [1868416 2017-07-14] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NAVx64\160A000.055\SymELAM.sys [24608 2017-05-11] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [102568 2017-07-22] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\NAVx64\160A000.055\Ironx64.SYS [301288 2017-07-14] (Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\Drivers\NAVx64\160A000.055\SYMNETS.SYS [566912 2017-07-14] (Symantec Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) R2 {A14A8EF6-B11D-4356-9ECC-4B937E6CC626}; C:\Program Files (x86)\CyberLink\PowerDVD17\Common\NavFilter\000.fcl [38168 2017-03-12] (CyberLink Corp.) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-08-19 18:40 - 2017-08-19 18:42 - 000026202 _____ C:\Users\Maria Rita\Desktop\FRST.txt 2017-08-19 18:40 - 2017-08-19 18:40 - 000000000 ____D C:\FRST 2017-08-19 18:32 - 2017-08-19 18:32 - 002395648 _____ (Farbar) C:\Users\Maria Rita\Desktop\FRST64.exe 2017-08-19 14:47 - 2017-08-19 14:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2017-08-15 11:57 - 2017-08-15 12:45 - 000011623 _____ C:\Users\Maria Rita\Documents\uittreksels.xlsx 2017-08-09 09:41 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-08-09 09:41 - 2017-07-21 15:40 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-09 09:41 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-09 09:41 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-08-09 09:41 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-08-09 09:41 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-08-09 09:41 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-08-09 09:41 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2017-08-09 09:41 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2017-08-09 09:41 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-08-09 09:41 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-08-09 09:41 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-08-09 09:41 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-08-09 09:41 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2017-08-09 09:41 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-08-09 09:41 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-08-09 09:41 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-08-09 09:41 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-08-09 09:41 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-08-09 09:41 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-08-09 09:41 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-08-09 09:41 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-08-09 09:41 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-08-09 09:41 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-08-09 09:41 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-08-09 09:41 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-08-09 09:41 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-08-09 09:41 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-08-09 09:41 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-08-09 09:41 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-09 09:41 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-08-09 09:41 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2017-08-09 09:41 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-09 09:41 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2017-08-09 09:41 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-08-09 09:41 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-09 09:41 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-08-09 09:41 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys 2017-08-09 09:41 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-08-09 09:41 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-08-09 09:41 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-08-09 09:41 - 2017-07-08 05:16 - 001499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-08-09 09:41 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-08-09 09:41 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-08-09 09:41 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-09 09:41 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-09 09:41 - 2017-06-24 18:46 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll 2017-08-09 09:41 - 2017-06-24 18:16 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll 2017-08-09 09:41 - 2017-06-15 16:17 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-08-09 09:41 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-08-09 09:41 - 2017-06-13 19:51 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2017-08-09 09:41 - 2017-06-13 19:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-08-09 09:41 - 2017-06-13 19:19 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll 2017-08-09 09:41 - 2017-06-13 19:16 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2017-08-09 09:41 - 2017-06-13 19:11 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2017-08-09 09:41 - 2017-06-13 19:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2017-08-09 09:41 - 2017-06-13 16:17 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-08-09 09:41 - 2017-06-13 16:16 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-08-09 09:41 - 2017-06-13 11:47 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-08-09 09:41 - 2017-06-13 11:09 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2017-08-09 09:41 - 2017-06-13 10:22 - 001436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-08-09 09:41 - 2017-06-13 10:16 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-08-09 09:41 - 2017-06-13 10:10 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2017-08-09 09:41 - 2017-06-13 10:07 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2017-08-09 09:41 - 2017-06-13 10:03 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2017-08-09 09:41 - 2017-06-13 09:54 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2017-08-09 09:41 - 2017-06-13 09:50 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2017-08-09 09:41 - 2017-06-12 02:14 - 000276320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-08-09 09:41 - 2017-06-11 22:13 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll 2017-08-09 09:41 - 2017-06-11 22:11 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2017-08-09 09:41 - 2017-06-11 22:02 - 002778112 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2017-08-09 09:41 - 2017-06-11 22:02 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2017-08-09 09:41 - 2017-06-11 21:52 - 002463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2017-08-09 09:41 - 2017-06-09 15:47 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-08-09 09:41 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-08-09 09:41 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-08-09 09:41 - 2017-06-08 03:48 - 002457936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-08-09 09:41 - 2017-06-07 06:25 - 000428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2017-08-09 09:41 - 2017-06-06 20:38 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-08-09 09:41 - 2017-06-06 19:44 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-08-09 09:41 - 2017-05-27 18:42 - 001115136 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2017-08-09 09:41 - 2017-05-27 18:38 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll 2017-07-27 11:01 - 2017-07-27 11:01 - 000010908 _____ C:\Users\Maria Rita\Documents\Kopie van deelnemerslijst nanni 2017.xlsx 2017-07-23 10:03 - 2017-07-23 10:03 - 000001736 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-07-23 10:03 - 2017-07-23 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-07-23 10:01 - 2017-07-23 10:03 - 000000000 ____D C:\Program Files\iTunes 2017-07-23 10:01 - 2017-07-23 10:01 - 000000000 ____D C:\Program Files\iPod 2017-07-23 09:30 - 2017-07-23 09:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus 2017-07-22 22:33 - 2017-07-22 22:33 - 000003220 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-08-19 18:38 - 2014-04-12 22:50 - 000000000 ____D C:\Users\Maria Rita\Documents\SPAM 2017-08-19 18:19 - 2017-06-13 08:55 - 000000268 _____ C:\WINDOWS\Tasks\StartMenu8_Start.job 2017-08-19 17:12 - 2014-04-05 16:32 - 000000000 ____D C:\Users\Maria Rita\AppData\LocalLow\AuthenTec 2017-08-19 12:29 - 2016-01-09 11:19 - 000000000 ____D C:\Program Files (x86)\FileHippo.com 2017-08-18 16:48 - 2014-09-24 18:13 - 001825918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-18 16:48 - 2014-09-24 17:36 - 000807602 _____ C:\WINDOWS\system32\perfh013.dat 2017-08-18 16:48 - 2014-09-24 17:36 - 000162508 _____ C:\WINDOWS\system32\perfc013.dat 2017-08-18 16:48 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2017-08-17 13:23 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM 2017-08-16 12:24 - 2014-04-12 22:43 - 000000000 ____D C:\Users\Maria Rita\Documents\deelnemerslijsten 2017-08-16 11:59 - 2017-05-14 18:23 - 000009805 _____ C:\Users\Maria Rita\Documents\frmFinancies.xlsx 2017-08-15 10:12 - 2014-04-12 22:17 - 000000000 ____D C:\Users\Maria Rita\Documents\afbeeldingen 2017-08-14 20:47 - 2014-04-13 07:23 - 000000000 ____D C:\Users\Maria Rita\AppData\Local\CrashDumps 2017-08-14 16:40 - 2014-06-18 09:29 - 000000000 ____D C:\ProgramData\ProductData 2017-08-14 16:35 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-08-14 11:45 - 2014-04-13 12:37 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838929920-3368600397-1854171334-1002 2017-08-13 20:58 - 2015-12-05 11:10 - 000010410 _____ C:\Users\Maria Rita\Documents\qryInschrijvingenDeelnemerlijstDeel2.xlsx 2017-08-13 15:47 - 2016-01-09 11:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-08-13 11:38 - 2014-04-05 16:35 - 000000000 ____D C:\Users\Maria Rita\AppData\Roaming\Nitro PDF 2017-08-10 17:26 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2017-08-10 13:51 - 2014-12-25 11:05 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-08-10 12:39 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2017-08-10 12:39 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-08-10 11:11 - 2014-04-19 12:51 - 000000000 ____D C:\Users\Maria Rita\AppData\Roaming\vlc 2017-08-10 09:59 - 2013-08-22 16:44 - 000503488 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-08-09 21:14 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2017-08-09 10:25 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-09 10:23 - 2014-04-13 20:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-08-09 10:20 - 2014-04-13 20:14 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-08-08 15:27 - 2014-04-12 22:50 - 000000000 ____D C:\Users\Maria Rita\Documents\teksten 2017-08-08 11:40 - 2014-04-12 22:50 - 000000000 ____D C:\Users\Maria Rita\Documents\voeding 2017-08-08 11:40 - 2014-04-12 22:50 - 000000000 ____D C:\Users\Maria Rita\Documents\TRAINING LAURA SHANNON 2017-08-08 11:08 - 2014-04-12 22:50 - 000000000 ____D C:\Users\Maria Rita\Documents\REKENINGUITTREKSELS 2017-08-08 11:04 - 2014-04-12 22:43 - 000000000 ____D C:\Users\Maria Rita\Documents\documentatie 2017-08-08 11:02 - 2014-04-12 22:17 - 000000000 ____D C:\Users\Maria Rita\Documents\belangrijke informatie 2017-08-08 10:56 - 2014-05-23 16:26 - 000000000 ____D C:\Users\Maria Rita\Documents\CyberLink 2017-08-08 10:55 - 2014-04-12 22:17 - 000000000 ____D C:\Users\Maria Rita\Documents\contracten 2017-08-07 17:49 - 2014-04-12 22:50 - 000000000 ____D C:\Users\Maria Rita\Documents\stick 2017-08-07 17:48 - 2014-04-12 22:50 - 000000000 ____D C:\Users\Maria Rita\Documents\regenboogkoor 2017-08-07 17:46 - 2014-04-12 22:49 - 000000000 ____D C:\Users\Maria Rita\Documents\projecten 2017-08-07 17:12 - 2014-04-12 22:48 - 000000000 ____D C:\Users\Maria Rita\Documents\facturen 2017-08-07 17:10 - 2015-10-18 14:29 - 000000000 ____D C:\Users\Maria Rita\Documents\Leen 2017-08-07 16:59 - 2014-04-12 22:43 - 000000000 ____D C:\Users\Maria Rita\Documents\dvd 2017-08-06 16:01 - 2014-04-12 22:48 - 000000000 ____D C:\Users\Maria Rita\Documents\handleidingen 2017-08-06 12:46 - 2014-04-12 22:18 - 000000000 ____D C:\Users\Maria Rita\Documents\dansen 2017-08-06 12:42 - 2014-04-12 22:18 - 000000000 ____D C:\Users\Maria Rita\Documents\danscentra 2017-08-05 18:27 - 2014-04-06 03:43 - 000000000 ____D C:\Users\Maria Rita\AppData\Roaming\FileZilla 2017-08-04 12:27 - 2016-03-06 13:53 - 000000000 ____D C:\ProgramData\Oracle 2017-08-04 12:14 - 2016-03-07 11:59 - 000000000 ____D C:\Program Files\Java 2017-08-04 12:14 - 2016-03-06 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-08-04 12:11 - 2016-03-07 12:00 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2017-08-01 10:12 - 2015-01-13 21:49 - 000000000 ____D C:\Users\Maria Rita 2017-07-29 02:03 - 2017-06-15 09:31 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-07-29 02:03 - 2017-06-15 09:31 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-07-28 18:59 - 2014-08-05 16:20 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect 2017-07-27 12:02 - 2014-04-13 15:42 - 000000000 ____D C:\Users\Maria Rita\AppData\Roaming\Nitro 2017-07-23 10:56 - 2015-12-04 10:29 - 000000000 ____D C:\Program Files\Common Files\AV 2017-07-23 10:15 - 2016-07-23 10:27 - 000002116 _____ C:\Users\Public\Desktop\FileZilla Client.lnk 2017-07-23 10:15 - 2014-04-06 03:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2017-07-23 10:15 - 2014-04-06 03:42 - 000000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2017-07-23 10:14 - 2016-01-09 11:20 - 000000000 ____D C:\Users\Maria Rita\Documents\My Filehippo Downloads 2017-07-22 22:33 - 2014-07-01 11:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\NAVx64 2017-07-22 22:32 - 2016-06-22 09:07 - 000002345 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk 2017-07-22 22:32 - 2015-07-05 09:16 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus 2017-07-22 20:20 - 2017-02-16 18:18 - 000000000 ____D C:\Program Files\NortonInstaller 2017-07-22 13:24 - 2014-07-01 11:48 - 000102568 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 2017-07-22 13:24 - 2014-07-01 11:48 - 000008309 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT 2017-07-21 09:29 - 2014-04-13 07:41 - 000134520 _____ C:\Users\Maria Rita\AppData\Local\GDIPFONTCACHEV1.DAT ==================== Bestanden in de root van sommige mappen ======= 2014-04-05 16:33 - 2014-04-12 02:15 - 000003540 _____ () C:\Users\Maria Rita\AppData\Roaming\AbsoluteReminder.xml 2014-05-10 12:25 - 2014-05-10 12:38 - 000000435 _____ () C:\Users\Maria Rita\AppData\Roaming\LiveSupport.exe_log.txt 2014-05-10 12:25 - 2014-05-10 13:57 - 000000092 _____ () C:\Users\Maria Rita\AppData\Roaming\regsvr32.exe_log.txt 2014-06-19 08:35 - 2014-06-19 08:35 - 000000024 _____ () C:\Users\Maria Rita\AppData\Roaming\temp.ini 2016-04-20 12:44 - 2016-04-20 12:44 - 000004096 ____H () C:\Users\Maria Rita\AppData\Local\keyfile3.drm 2014-04-05 16:35 - 2015-01-16 11:27 - 000000280 _____ () C:\Users\Maria Rita\AppData\Local\RegisteredPackageInformation.xml 2013-12-14 14:59 - 2013-12-14 14:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2014-04-12 23:55 - 2016-01-03 19:20 - 000003326 _____ () C:\ProgramData\hpzinstall.log 2013-12-14 15:17 - 2013-12-14 15:17 - 000000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log 2013-12-14 15:13 - 2013-12-14 15:14 - 000000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2013-12-14 15:14 - 2013-12-14 15:16 - 000000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log 2013-12-14 15:16 - 2013-12-14 15:16 - 000000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-08-15 12:23 ==================== Eind van FRST.txt ============================